Re: [AppArmor 39/45] AppArmor: Profile loading and manipulation,pathname matching

[david]

On Sun, 10 Jun 2007, Pavel Machek wrote:

> Hi!
>
> > > So, AA developers, do you have such a document anywhere?  I know there
> > > are some old research papers, do they properly describe the current
> > > model you are trying to implement here?
> >
> > Greg,
> >   to implement the AA approach useing SELinux you need to have a way that
> > files that are renamed or created get tagged with the right label
> > automaticaly with no possible race condition.
> >
> > If this can be done then it _may_ be possible to do the job that AA is
> > aimed at with SELinux, but the work nessasary to figure out what lables
> > are needed on what file would still make it a non-trivial task.
> >
> > as I understand it SELinux puts one label on each file, so if you have
> > three files accessed by two programs such that
> > program A accesses files X Y
> > program B accesses files Y Z
> >
> > then files X Y and Z all need seperate labels with the policy stateing
> > that program A need to access labels X, Y and program B needs to access
> > files Y Z
> >
> > extended out this can come close to giving each file it's own label. AA
> > essentially does this and calls the label the path and computes it at
> > runtime instead of storing it somewhere.
>
> Yes, and in the process, AA stores compiled regular expressions in
> kernel. Ouch. I'll take "each file it's own label" over _that_ any time.

and if each file has it's own label you are going to need regex or similar 
to deal with them as well.

David Lang
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/